Juan Cespedes <[EMAIL PROTECTED]> writes:

> Yes, both ld-linux.so.2 and ld-linux.so.1 should be fixed; nobody
> should be able to run a setuid program in a LD_PRELOAD environment.
> At least, I can't find any reason to allow it, and many people could
> use it to try to find exploits.

But there _are_ reasons to allow it (see below, and also add
libnfslock to the list). If there weren't any someone would have
presented these patches much earlier.

------- Start of forwarded message -------
Message-ID: <[EMAIL PROTECTED]>
Date: Sun, 8 Feb 1998 15:39:10 -0600
Reply-To: Aleph One <[EMAIL PROTECTED]>
From: Aleph One <[EMAIL PROTECTED]>
Subject: Re: Another ld-linux.so problem
To: [EMAIL PROTECTED]

On Sat, 7 Feb 1998 [EMAIL PROTECTED] wrote:

> Yes. SOCKSifying stupid protocols that require binding ports <1024, for
> example. Assuming you install libsocks5_sh.so in /usr/lib, you can do:
>
> $ (export LD_PRELOAD=/usr/lib/libsocks5_sh.so; rsh machine.outside.firewall pwd)
>
> and have it work. This is basically what the runsocks script does.

Another example: installing a library that overrides mktemp, tempnam and
other dangerous library functions with more secure ones. So the feature
is indeed useful. The correct behavior should be for the dynamic linker
to give up at the first error. Alternatively you should be able to
configure such libraries via the configuration file instead of an
environment variable. You can't do so now as far as I can tell.

> --
> Carson Gaspar -- [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
> http://www.cs.columbia.edu/~carson/home.html
> Queen Trapped in a Butch Body
>

Aleph One / [EMAIL PROTECTED]
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
------- End of forwarded message -------

--
James
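For context on the policy argued over in this thread, an added example that is not part of the original messages: the ld.so(8) manual page for present-day glibc documents that in secure-execution mode preload entries containing slashes are ignored, and a library is preloaded only from the standard search directories and only if it has the set-user-ID bit set. The C sketch below models that rule; the function names, the directory list and the ids are hypothetical and this is not the dynamic linker's own code.

```c
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Secure-execution mode: real and effective ids differ (setuid/setgid). */
int secure_exec(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    return ruid != euid || rgid != egid;
}

/* Decide whether one LD_PRELOAD entry may be loaded (1) or is ignored (0).
 * trusted_dirs is a NULL-terminated list standing in for the linker's
 * standard search directories (an assumption of this sketch). */
int preload_allowed(const char *entry, int secure,
                    const char *const *trusted_dirs)
{
    char path[4096];
    struct stat st;

    if (entry == NULL || *entry == '\0')
        return 0;
    if (!secure)
        return 1;                 /* ordinary program: the caller's choice */
    if (strchr(entry, '/') != NULL)
        return 0;                 /* no caller-chosen paths when setuid */
    for (; *trusted_dirs != NULL; trusted_dirs++) {
        int n = snprintf(path, sizeof path, "%s/%s", *trusted_dirs, entry);
        if (n < 0 || (size_t)n >= sizeof path)
            continue;             /* truncated path: skip this directory */
        if (stat(path, &st) == 0 && S_ISREG(st.st_mode) &&
            (st.st_mode & S_ISUID))
            return 1;             /* administrator marked it as trusted */
    }
    return 0;
}

int main(void)
{
    const char *const dirs[] = { "/lib", "/usr/lib", NULL };
    const char *entry = "/usr/lib/libsocks5_sh.so";  /* path from the thread */
    int secure = secure_exec(1000, 0, 100, 100);     /* constructed ids */

    printf("setuid program: %s\n",
           preload_allowed(entry, secure, dirs) ? "load" : "ignore");
    printf("ordinary run:   %s\n",
           preload_allowed(entry, 0, dirs) ? "load" : "ignore");
    return 0;
}
```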

